CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Huntress
Velociraptor WSUS Exploitation, Pt. I: WSUS-Up?
In November, Huntress analysts detected an incident where threat actors likely exploited a recently patched remote code execution vulnerability in Windows Server Update Services (WSUS). After gaining ...
-
CybersecurityNews
Lessons from Oracle E-Business Suite Hack That Allegedly Compromises Nearly 30 Organizations Worldwide
A sophisticated cyberattack targeting Oracle E-Business Suite (EBS) customers has exposed critical vulnerabilities in enterprise resource planning systems, compromising an estimated 100 organizations ...
-
The Cyber Express
Critical 7-Zip Vulnerability CVE-2025-11001 Prompts NHS Cyber Alert
A newly discovered security flaw, identified as CVE-2025-11001, is targeting users across both public and private sectors. The vulnerability, affecting all versions of 7-Zip before 25.00, allows attac ...
-
hackread.com
Comet Browser Flaw Lets Hidden API Run Commands on Users’ Devices
Security researchers from web browser security firm SquareX have issued a public warning after uncovering a vulnerability in Perplexity’s Comet AI browser. Their research, published on November 19, 20 ...
-
The Cyber Express
Europe Strengthens Cyber Defense as ENISA Becomes CVE Root
The European Union Agency for Cybersecurity (ENISA) has taken a major step forward in advancing vulnerability management across Europe by becoming a CVE Root within the global Common Vulnerabilities a ...
-
The Hacker News
ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves
Nov 20, 2025Ravie LakshmananCybersecurity / Hacking News This week has been crazy in the world of hacking and online security. From Thailand to London to the US, we've seen arrests, spies at work, a ...
-
CybersecurityNews
Threat Actors Allegedly Selling Microsoft Office 0-Day RCE Vulnerability on Hacking Forums
A threat actor known as Zeroplayer has reportedly listed a zero-day remote code execution (RCE) vulnerability, combined with a sandbox escape, targeting Microsoft Office and Windows systems for sale o ...
-
CybersecurityNews
Critical N-able N-central Vulnerabilities Allow attacker to interact with legacy APIs and read sensitive files
N-able’s N-central remote management and monitoring (RMM) platform faces critical security risks following the discovery of multiple vulnerabilities. According to Horizon3.ai, it allows unauthenticate ...
-
CybersecurityNews
Critical Twonky Server Vulnerabilities Let Attackers Bypass Authentication
Twonky Server version 8.5.2 contains two critical authentication bypass vulnerabilities that allow unauthenticated attackers to gain full administrative access to the media server software. Rapid7 dis ...
-
Daily CyberSecurity
Grafana Patches Critical SCIM Flaw (CVE-2025-41115, CVSS 10) Allowing Privilege Escalation and User Impersonation
Grafana has released emergency security updates for Grafana Enterprise addressing a critical privilege-escalation flaw in its SCIM provisioning feature. Tracked as CVE-2025-41115, the vulnerability ca ...